Study finds API vulnerabilities continuing issue for digital brands
Local File Inclusion attacks racked up 3.3 billion attempted attacks, and Cross-Site Scripting attacks racked up just over 1 billion attempted attacks.
These attacks highlight the continued vulnerability of digital APIs, which put many digital businesses at higher security risks. Other interesting findings from the report include:
â€¢ More than 1 billion credential stuffing attacks were attempted during single-day reporting periods in both January and May 2021
â€¢ US-based businesses were the top target for attacks, with nearly 6x more attempted attacks that the UK, which ranked at number two
“From broken authentication and injection flaws, to simple misconfigurations, there are numerous API security concerns for anyone building an internet-connected application,” said Steve Ragan, Akamai Security Researcher and author of the report. “API attacks are both underdetected and underreported when detected. While DDoS attacks and ransoms are are both major issues, attacks on APIs don’t receive the same level of attention. . .but that doesn’t mean they should be ignored.”